SlideShare une entreprise Scribd logo

Smoothwall and Ampliphae - Networkshop46

Télécharger en tant que PPTX, PDF
Jisc
Jisc

Presentations from Smoothwall and Ampliphae at Networkshop46. Managing Prevent duty through effective web content management - by Tom Newton, product manager, Smoothwall. The hidden risks of SaaS and cloud applications and how to take back control - by Nigel Oakley, director of business development, Ampliphae.

Technologie
1  sur  33
Smoothwall Tom Newton, Smoothwall
www.smoothwall.com Managing Prevent Duty through Effective Web Content Management Tom Newton, Product Manager
The Prevent duty is the legal obligation of authorities to provide “due regard to the need to prevent people from being drawn into terrorism”. Counter-Terrorism and Security Act, 2015
Compliance To comply with the Prevent duty, institutions must: ● assess the risks associated with Prevent in the context of their local situation and draw up a proportionate action plan to mitigate those risks ● have responsive, effective welfare support systems, ensuring concerns about students' wellbeing can be acted on, linking to Prevent structures (such as local authorities or the police) if necessary ● ensure internal mechanisms and external arrangements are in place for sharing information about vulnerable individuals when appropriate ● have systems in place for assessing and mitigating risks around external speakers and events on campus, while maintaining the existing duty to promote freedom of speech ● ensure senior managers are engaged with the Prevent duty, build links with external Prevent partners, and arrange ongoing Prevent training for relevant staff ● implement an IT usage policy which covers the Prevent duty ● ensure that students' unions and societies are aware of, and are consulted on, policies concerning activities on campus.
Myths around the Prevent duty Myth 1 - the Prevent duty facilitates spying upon students There is no reliable evidence suggesting that organisations are interested in gathering security-related intelligence let alone engaging in it. The risk of being drawn into terrorism is to be treated as a vulnerability i.e. suicide. Higher Education Funding Council for England, 2017
Myths around the Prevent duty Myth 2 - the Prevent duty requires organisations to report students for the expression of radical views Nobody can lawfully be referred to a Prevent panel merely for the expression of radical or unorthodox views, there must be evidence of a risk of harm. Higher Education Funding Council for England, 2017
Myths around the Prevent duty Myth 3 - the Prevent duty violates basic human rights The Prevent duty complies with the European Convention on Human rights, incorporated into UK law by the Human Rights Act. Higher Education Funding Council for England, 2017
Prevent and the web
What not to do ● Heavy duty filtering ● Try and do the same as schools ● Keep students from accessing useful resources
What to do: Light Touch Filtering & Visibility Smoothwall achieves this in 5 key ways... ● Search term filtering ● Government URL databases ● Content Filtering ● Alerting ● Overview reporting
What to do: Search Term Filtering ● Shows intent ● Often better than looking at search results
What to do: IWF & Counterterror Lists ● IWF members - block access to Illegal Child Abuse Images and Content (CAIC) ● Integrate the CTIRU (Counter Terrorism Internet Referral Unit) list of unlawful sites, produced on behalf of the Home Office ● First content filter to take CTIRU List
Smoothwall’s Categories DiscriminationDrugs/ Substance Abuse Extremism Malware/ Hacking Pornography Piracy and Copyright Theft Self Harm Violence Abortion Alcohol and Tobacco Weapons Computer Games Payday Loans File Hosting Child Abuse Intolerance Hacking Gambling Alcohol and Tobacco Medical Information Graphic Novels Terrorism
What to do: Content Filtering ● Useful on social networks ● Only way to see “logged in traffic” ● Only way to see what’s there in real time
What to do: Alerting ● Low positive false rate ● Alerts to the correct people ● Act before problems occur
What to do: Overview Reporting ● Can be useful to evaluate prevalence of search queries and inappropriate accesses ● A good balance with alerting is essential
Prerequisites ● Authentication - no filter is useful if you can’t identify users
Prerequisites ● Authentication - no filter is useful if you can’t identify users ● Coverage of BYOD - should be considered in any rollout
Prerequisites ● Authentication - no filter is useful if you can’t identify users ● Coverage of BYOD - should be considered in any rollout ● Responsibility - reports & alerts need action
Thank you www.smoothwall.com
The hidden risks of SaaS and cloud applications and how to take back control Nigel Oakley, Ampliphae
Take Control of Your Cloud Nigel Oakley Business Development Director
Application Ecosystem • Application ecosystems are growing in size, scope and complexity…
Shifting Landscape Lift and shift Rearchitect Innovation ‘Vendors are shifting their business models from on-premises licensed software to public cloud-based offerings, this trend will continue.’ - Gartner Applications that are lifted and shifted to the cloud can't take full advantage of native cloud features - may not be cost-effective.SaaSification
The SaaS Challenge  Loss of Authority  SaaS providers market direct to consumers  Self selection – Consumerisation of IT  Decentralised decision making  Loss of Control  Vendors define the architecture and deployment  All that’s required is a browser and connectivity!  Your data is managed by the vendor  But IT retain Accountability  Risk of security and regulatory infringement  Fewer control points, reduced visibility  Total dependence on many more vendors
GDPR and Compliance Risks Privacy Rectification Erasure Access Is the data adequately secured and encrypted in transit and at rest? Who can access the data, who stores the data, can the cloud provider access it? Is it easy to change customer data on request, do you know where it is located? Can a customer’s data be completely deleted under your control? Compliance Can you prove that the SaaS applications your employees have signed up to provide appropriate GDPR regulatory compliance ?
Cloud Adoption Lifecycle: Managed Adoption Discovery: Evaluated by IT department as they test configurations, deployment, support processes Understanding: Pilot with selected users who put the solution through it’s paces Adoption: Controlled roll-out to departments and teams Planned Commitment: In use across the organisation Discovery Rejection Withdrawn Uncontrolled Adoption Understanding Retirement Unplanned Commitment Adoption Lingering Planned Commitment Niche Planned Decline Conscious UncouplingCriticality Threshold Irreversibility Threshold Discovery Threshold Institutional
Cloud Adoption Lifecycle: Viral Adoption Discovery: Adopted by a single user, who immediately invites their colleagues to join Uncontrolled Adoption: Makes the team’s life easier, they enthusiastically adopt it Unplanned Commitment: Integral to the business, it’s impossible to imagine life without it Institutional Discovery Rejection Withdrawn Uncontrolled Adoption Understanding Retirement Unplanned Commitment Adoption Lingering Planned Commitment Niche Planned Decline Conscious UncouplingCriticality Threshold Irreversibility Threshold Discovery Threshold Institutional
Take Back Control
Identify all the Cloud Applications in use within your organisation. Understand who uses each application, when, where and why. Discovery Highlight security, regulatory and commercial considerations for each Cloud Application, and make an appropriate decision. Governance Block or optimise access to individual Cloud Applications. Give your people the information they need to make informed decisions. Control Continuously monitor for new Cloud Applications, and audit cost and risk. Cost and compliance reporting Audit Analyse Discover which applications your people are using Know where your data is stored Understand how secure it is and who can access it Govern and manage the vendors Control applications and activities in the Cloud Manage your risks and exposures Deep insights into the usage and adoption of cloud applications. Predict application growth, identify security threats and anomalies Ampliphae Overview
Comprehend, Comply, Control www.ampliphae.com
Email: Nigel.Oakley@ampliphae.com Tel: +44 (0)20 3289 0121 Thank you Have you any questions? Nigel Oakley Business Development Director

Recommandé

The Jisc vulnerability assessment management service – part 2: how to avoid t...
The Jisc vulnerability assessment management service – part 2: how to avoid t...The Jisc vulnerability assessment management service – part 2: how to avoid t...
The Jisc vulnerability assessment management service – part 2: how to avoid t...Jisc
 
Jisc cloud services: helping our members deliver their cloud strategies
Jisc cloud services: helping our members deliver their cloud strategiesJisc cloud services: helping our members deliver their cloud strategies
Jisc cloud services: helping our members deliver their cloud strategiesJisc
 
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformadoDesafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformadoCristian Garcia G.
 
Webroot - self-defending IoT devices & gateways
Webroot - self-defending IoT devices & gateways Webroot - self-defending IoT devices & gateways
Webroot - self-defending IoT devices & gateways IISPEastMids
 
Gartner presentation risq dec 2016 jie zhang
Gartner presentation risq dec 2016 jie zhangGartner presentation risq dec 2016 jie zhang
Gartner presentation risq dec 2016 jie zhangColloqueRISQ
 
Cyber Security Services & Solutions - Zymr
Cyber Security Services & Solutions - ZymrCyber Security Services & Solutions - Zymr
Cyber Security Services & Solutions - ZymrZYMR, INC.
 
Cyber Ethics: Cyber Security Services | VAPT and WAPT
Cyber Ethics: Cyber Security Services | VAPT and WAPT Cyber Ethics: Cyber Security Services | VAPT and WAPT
Cyber Ethics: Cyber Security Services | VAPT and WAPTSaeelRelekar
 
Proteja sus datos en cualquier servicio Cloud y Web de forma unificada
Proteja sus datos en cualquier servicio Cloud y Web de forma unificadaProteja sus datos en cualquier servicio Cloud y Web de forma unificada
Proteja sus datos en cualquier servicio Cloud y Web de forma unificadaCristian Garcia G.
 

Recommandé

The Jisc vulnerability assessment management service – part 2: how to avoid t...
The Jisc vulnerability assessment management service – part 2: how to avoid t...The Jisc vulnerability assessment management service – part 2: how to avoid t...
The Jisc vulnerability assessment management service – part 2: how to avoid t...Jisc
 
Jisc cloud services: helping our members deliver their cloud strategies
Jisc cloud services: helping our members deliver their cloud strategiesJisc cloud services: helping our members deliver their cloud strategies
Jisc cloud services: helping our members deliver their cloud strategiesJisc
 
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformadoDesafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformadoCristian Garcia G.
 
Webroot - self-defending IoT devices & gateways
Webroot - self-defending IoT devices & gateways Webroot - self-defending IoT devices & gateways
Webroot - self-defending IoT devices & gateways IISPEastMids
 
Gartner presentation risq dec 2016 jie zhang
Gartner presentation risq dec 2016 jie zhangGartner presentation risq dec 2016 jie zhang
Gartner presentation risq dec 2016 jie zhangColloqueRISQ
 
Cyber Security Services & Solutions - Zymr
Cyber Security Services & Solutions - ZymrCyber Security Services & Solutions - Zymr
Cyber Security Services & Solutions - ZymrZYMR, INC.
 
Cyber Ethics: Cyber Security Services | VAPT and WAPT
Cyber Ethics: Cyber Security Services | VAPT and WAPT Cyber Ethics: Cyber Security Services | VAPT and WAPT
Cyber Ethics: Cyber Security Services | VAPT and WAPTSaeelRelekar
 
Proteja sus datos en cualquier servicio Cloud y Web de forma unificada
Proteja sus datos en cualquier servicio Cloud y Web de forma unificadaProteja sus datos en cualquier servicio Cloud y Web de forma unificada
Proteja sus datos en cualquier servicio Cloud y Web de forma unificadaCristian Garcia G.
 
DHS Cybersecurity Services for Building Cyber Resilience
DHS Cybersecurity Services for Building Cyber ResilienceDHS Cybersecurity Services for Building Cyber Resilience
DHS Cybersecurity Services for Building Cyber ResilienceDawn Yankeelov
 
Cybersecurity frameworks globally and saudi arabia
Cybersecurity frameworks globally and saudi arabiaCybersecurity frameworks globally and saudi arabia
Cybersecurity frameworks globally and saudi arabiaFaysal Ghauri
 
3 Tips for Choosing a Next Generation Firewall
3 Tips for Choosing a Next Generation Firewall3 Tips for Choosing a Next Generation Firewall
3 Tips for Choosing a Next Generation FirewallCisco Security
 
Google peter logli & jake shea
Google peter logli & jake sheaGoogle peter logli & jake shea
Google peter logli & jake sheaColloqueRISQ
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec
 
eduTEAMS
eduTEAMSeduTEAMS
eduTEAMSJisc
 
Intelligence-based computer network defence: Understanding the cyber kill cha...
Intelligence-based computer network defence: Understanding the cyber kill cha...Intelligence-based computer network defence: Understanding the cyber kill cha...
Intelligence-based computer network defence: Understanding the cyber kill cha...Huntsman Security
 
Pervasive Security Across Your Extended Network
Pervasive Security Across Your Extended NetworkPervasive Security Across Your Extended Network
Pervasive Security Across Your Extended NetworkCisco Security
 
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec
 
Microsoft john weigelt 2016
Microsoft john weigelt 2016Microsoft john weigelt 2016
Microsoft john weigelt 2016ColloqueRISQ
 
A Smarter, More Secure Internet of Things
A Smarter, More Secure Internet of Things A Smarter, More Secure Internet of Things
A Smarter, More Secure Internet of Things NetIQ
 
Cyber Security - Maintaining Operational Control of Critical Services
Cyber Security - Maintaining Operational Control of Critical ServicesCyber Security - Maintaining Operational Control of Critical Services
Cyber Security - Maintaining Operational Control of Critical ServicesDave Reeves
 
Why CSA Australia
Why CSA AustraliaWhy CSA Australia
Why CSA AustraliaCloudSecurityAllianceAustralia
 
An in depth understanding in the application of the zero-trust security model...
An in depth understanding in the application of the zero-trust security model...An in depth understanding in the application of the zero-trust security model...
An in depth understanding in the application of the zero-trust security model...Max Justice
 
Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network...
Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network...Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network...
Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network...Enterprise Management Associates
 
Global Mandate to Secure Cloud Computing
Global Mandate to Secure Cloud ComputingGlobal Mandate to Secure Cloud Computing
Global Mandate to Secure Cloud ComputingCloudSecurityAllianceAustralia
 
Cisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack ContinuumCisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack ContinuumCisco Security
 
Aujas Cyber Security
Aujas Cyber SecurityAujas Cyber Security
Aujas Cyber SecurityVivianMarcello3
 
Cybersecurity: How to Use What We Already Know
Cybersecurity: How to Use What We Already KnowCybersecurity: How to Use What We Already Know
Cybersecurity: How to Use What We Already Knowjxyz
 
Midsize Business Solutions: Cybersecurity
Midsize Business Solutions: CybersecurityMidsize Business Solutions: Cybersecurity
Midsize Business Solutions: CybersecurityCisco Security
 
Mobility innovation and unknowns
Mobility innovation and unknownsMobility innovation and unknowns
Mobility innovation and unknownsLisa Marie Martinez
 
Project Access Control ProposalPurposeThis course project i.docx
Project Access Control ProposalPurposeThis course project i.docxProject Access Control ProposalPurposeThis course project i.docx
Project Access Control ProposalPurposeThis course project i.docxstilliegeorgiana
 

Contenu connexe

Tendances

DHS Cybersecurity Services for Building Cyber Resilience
DHS Cybersecurity Services for Building Cyber ResilienceDHS Cybersecurity Services for Building Cyber Resilience
DHS Cybersecurity Services for Building Cyber ResilienceDawn Yankeelov
 
Cybersecurity frameworks globally and saudi arabia
Cybersecurity frameworks globally and saudi arabiaCybersecurity frameworks globally and saudi arabia
Cybersecurity frameworks globally and saudi arabiaFaysal Ghauri
 
3 Tips for Choosing a Next Generation Firewall
3 Tips for Choosing a Next Generation Firewall3 Tips for Choosing a Next Generation Firewall
3 Tips for Choosing a Next Generation FirewallCisco Security
 
Google peter logli & jake shea
Google peter logli & jake sheaGoogle peter logli & jake shea
Google peter logli & jake sheaColloqueRISQ
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec
 
eduTEAMS
eduTEAMSeduTEAMS
eduTEAMSJisc
 
Intelligence-based computer network defence: Understanding the cyber kill cha...
Intelligence-based computer network defence: Understanding the cyber kill cha...Intelligence-based computer network defence: Understanding the cyber kill cha...
Intelligence-based computer network defence: Understanding the cyber kill cha...Huntsman Security
 
Pervasive Security Across Your Extended Network
Pervasive Security Across Your Extended NetworkPervasive Security Across Your Extended Network
Pervasive Security Across Your Extended NetworkCisco Security
 
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec
 
Microsoft john weigelt 2016
Microsoft john weigelt 2016Microsoft john weigelt 2016
Microsoft john weigelt 2016ColloqueRISQ
 
A Smarter, More Secure Internet of Things
A Smarter, More Secure Internet of Things A Smarter, More Secure Internet of Things
A Smarter, More Secure Internet of Things NetIQ
 
Cyber Security - Maintaining Operational Control of Critical Services
Cyber Security - Maintaining Operational Control of Critical ServicesCyber Security - Maintaining Operational Control of Critical Services
Cyber Security - Maintaining Operational Control of Critical ServicesDave Reeves
 
An in depth understanding in the application of the zero-trust security model...
An in depth understanding in the application of the zero-trust security model...An in depth understanding in the application of the zero-trust security model...
An in depth understanding in the application of the zero-trust security model...Max Justice
 
Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network...
Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network...Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network...
Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network...Enterprise Management Associates
 
Cisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack ContinuumCisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack ContinuumCisco Security
 
Cybersecurity: How to Use What We Already Know
Cybersecurity: How to Use What We Already KnowCybersecurity: How to Use What We Already Know
Cybersecurity: How to Use What We Already Knowjxyz
 
Midsize Business Solutions: Cybersecurity
Midsize Business Solutions: CybersecurityMidsize Business Solutions: Cybersecurity
Midsize Business Solutions: CybersecurityCisco Security
 

Tendances (20)

DHS Cybersecurity Services for Building Cyber Resilience
DHS Cybersecurity Services for Building Cyber ResilienceDHS Cybersecurity Services for Building Cyber Resilience
DHS Cybersecurity Services for Building Cyber Resilience
 
Cybersecurity frameworks globally and saudi arabia
Cybersecurity frameworks globally and saudi arabiaCybersecurity frameworks globally and saudi arabia
Cybersecurity frameworks globally and saudi arabia
 
3 Tips for Choosing a Next Generation Firewall
3 Tips for Choosing a Next Generation Firewall3 Tips for Choosing a Next Generation Firewall
3 Tips for Choosing a Next Generation Firewall
 
Google peter logli & jake shea
Google peter logli & jake sheaGoogle peter logli & jake shea
Google peter logli & jake shea
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
 
eduTEAMS
eduTEAMSeduTEAMS
eduTEAMS
 
Intelligence-based computer network defence: Understanding the cyber kill cha...
Intelligence-based computer network defence: Understanding the cyber kill cha...Intelligence-based computer network defence: Understanding the cyber kill cha...
Intelligence-based computer network defence: Understanding the cyber kill cha...
 
Pervasive Security Across Your Extended Network
Pervasive Security Across Your Extended NetworkPervasive Security Across Your Extended Network
Pervasive Security Across Your Extended Network
 
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
 
Microsoft john weigelt 2016
Microsoft john weigelt 2016Microsoft john weigelt 2016
Microsoft john weigelt 2016
 
A Smarter, More Secure Internet of Things
A Smarter, More Secure Internet of Things A Smarter, More Secure Internet of Things
A Smarter, More Secure Internet of Things
 
Cyber Security - Maintaining Operational Control of Critical Services
Cyber Security - Maintaining Operational Control of Critical ServicesCyber Security - Maintaining Operational Control of Critical Services
Cyber Security - Maintaining Operational Control of Critical Services
 
Why CSA Australia
Why CSA AustraliaWhy CSA Australia
Why CSA Australia
 
An in depth understanding in the application of the zero-trust security model...
An in depth understanding in the application of the zero-trust security model...An in depth understanding in the application of the zero-trust security model...
An in depth understanding in the application of the zero-trust security model...
 
Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network...
Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network...Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network...
Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network...
 
Global Mandate to Secure Cloud Computing
Global Mandate to Secure Cloud ComputingGlobal Mandate to Secure Cloud Computing
Global Mandate to Secure Cloud Computing
 
Cisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack ContinuumCisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack Continuum
 
Aujas Cyber Security
Aujas Cyber SecurityAujas Cyber Security
Aujas Cyber Security
 
Cybersecurity: How to Use What We Already Know
Cybersecurity: How to Use What We Already KnowCybersecurity: How to Use What We Already Know
Cybersecurity: How to Use What We Already Know
 
Midsize Business Solutions: Cybersecurity
Midsize Business Solutions: CybersecurityMidsize Business Solutions: Cybersecurity
Midsize Business Solutions: Cybersecurity
 

Similaire à Smoothwall and Ampliphae - Networkshop46

Mobility innovation and unknowns
Mobility innovation and unknownsMobility innovation and unknowns
Mobility innovation and unknownsLisa Marie Martinez
 
Project Access Control ProposalPurposeThis course project i.docx
Project Access Control ProposalPurposeThis course project i.docxProject Access Control ProposalPurposeThis course project i.docx
Project Access Control ProposalPurposeThis course project i.docxstilliegeorgiana
 
Social Media And The Workplace February 2012
Social Media And The Workplace February 2012Social Media And The Workplace February 2012
Social Media And The Workplace February 2012PBeisty
 
CIS 2015- User-centric Privacy of Identity- Jenn Behrens
CIS 2015- User-centric Privacy of Identity- Jenn BehrensCIS 2015- User-centric Privacy of Identity- Jenn Behrens
CIS 2015- User-centric Privacy of Identity- Jenn BehrensCloudIDSummit
 
Putting data science into perspective
Putting data science into perspectivePutting data science into perspective
Putting data science into perspectiveSravan Ankaraju
 
Tech Conferences To Share Ways Of Building A Robust Cybersecurity Culture
Tech Conferences To Share Ways Of Building A Robust Cybersecurity CultureTech Conferences To Share Ways Of Building A Robust Cybersecurity Culture
Tech Conferences To Share Ways Of Building A Robust Cybersecurity CultureInternet 2Conf
 
Information Assurance Guidelines For Commercial Buildings...
Information Assurance Guidelines For Commercial Buildings...Information Assurance Guidelines For Commercial Buildings...
Information Assurance Guidelines For Commercial Buildings...Laura Benitez
 
UCISA cyber incident response toolkit.pptx
UCISA cyber incident response toolkit.pptxUCISA cyber incident response toolkit.pptx
UCISA cyber incident response toolkit.pptxucisa
 
Creating accessibility policy
Creating accessibility policyCreating accessibility policy
Creating accessibility policyDavid Banes
 
CCPA Compliance from Ground Zero: Start to Finish with TrustArc Solutions
CCPA Compliance from Ground Zero: Start to Finish with TrustArc SolutionsCCPA Compliance from Ground Zero: Start to Finish with TrustArc Solutions
CCPA Compliance from Ground Zero: Start to Finish with TrustArc SolutionsTrustArc
 
Develop project pia+ risk identification
Develop project pia+ risk identificationDevelop project pia+ risk identification
Develop project pia+ risk identificationTrilateral Research
 
Post 1Participative Budgetary Process serves several benefit.docx
Post 1Participative Budgetary Process serves several benefit.docxPost 1Participative Budgetary Process serves several benefit.docx
Post 1Participative Budgetary Process serves several benefit.docxstilliegeorgiana
 
Iot visualise-the-impact-aralık2016
Iot visualise-the-impact-aralık2016Iot visualise-the-impact-aralık2016
Iot visualise-the-impact-aralık2016Mustafa Kuğu
 

Similaire à Smoothwall and Ampliphae - Networkshop46 (20)

Mobility innovation and unknowns
Mobility innovation and unknownsMobility innovation and unknowns
Mobility innovation and unknowns
 
Project Access Control ProposalPurposeThis course project i.docx
Project Access Control ProposalPurposeThis course project i.docxProject Access Control ProposalPurposeThis course project i.docx
Project Access Control ProposalPurposeThis course project i.docx
 
Social Media And The Workplace February 2012
Social Media And The Workplace February 2012Social Media And The Workplace February 2012
Social Media And The Workplace February 2012
 
CIS 2015- User-centric Privacy of Identity- Jenn Behrens
CIS 2015- User-centric Privacy of Identity- Jenn BehrensCIS 2015- User-centric Privacy of Identity- Jenn Behrens
CIS 2015- User-centric Privacy of Identity- Jenn Behrens
 
Putting data science into perspective
Putting data science into perspectivePutting data science into perspective
Putting data science into perspective
 
Social media risks guide
Social media risks guideSocial media risks guide
Social media risks guide
 
Reputation Guards
Reputation GuardsReputation Guards
Reputation Guards
 
Reputation-guards.com
Reputation-guards.comReputation-guards.com
Reputation-guards.com
 
Tech Conferences To Share Ways Of Building A Robust Cybersecurity Culture
Tech Conferences To Share Ways Of Building A Robust Cybersecurity CultureTech Conferences To Share Ways Of Building A Robust Cybersecurity Culture
Tech Conferences To Share Ways Of Building A Robust Cybersecurity Culture
 
Information Assurance Guidelines For Commercial Buildings...
Information Assurance Guidelines For Commercial Buildings...Information Assurance Guidelines For Commercial Buildings...
Information Assurance Guidelines For Commercial Buildings...
 
UCISA cyber incident response toolkit.pptx
UCISA cyber incident response toolkit.pptxUCISA cyber incident response toolkit.pptx
UCISA cyber incident response toolkit.pptx
 
Creating accessibility policy
Creating accessibility policyCreating accessibility policy
Creating accessibility policy
 
CCPA Compliance from Ground Zero: Start to Finish with TrustArc Solutions
CCPA Compliance from Ground Zero: Start to Finish with TrustArc SolutionsCCPA Compliance from Ground Zero: Start to Finish with TrustArc Solutions
CCPA Compliance from Ground Zero: Start to Finish with TrustArc Solutions
 
Develop project pia+ risk identification
Develop project pia+ risk identificationDevelop project pia+ risk identification
Develop project pia+ risk identification
 
Takeaways from a Simulated Cyber Attack
Takeaways from a Simulated Cyber AttackTakeaways from a Simulated Cyber Attack
Takeaways from a Simulated Cyber Attack
 
Reputation-guards.com
Reputation-guards.comReputation-guards.com
Reputation-guards.com
 
Reputation-guards
Reputation-guardsReputation-guards
Reputation-guards
 
Reputation Guards
Reputation GuardsReputation Guards
Reputation Guards
 
Post 1Participative Budgetary Process serves several benefit.docx
Post 1Participative Budgetary Process serves several benefit.docxPost 1Participative Budgetary Process serves several benefit.docx
Post 1Participative Budgetary Process serves several benefit.docx
 
Iot visualise-the-impact-aralık2016
Iot visualise-the-impact-aralık2016Iot visualise-the-impact-aralık2016
Iot visualise-the-impact-aralık2016
 

Plus de Jisc

Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Jisc
 
International students’ digital experience: understanding and mitigating the ...
International students’ digital experience: understanding and mitigating the ...International students’ digital experience: understanding and mitigating the ...
International students’ digital experience: understanding and mitigating the ...Jisc
 
Digital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptxDigital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptxJisc
 
Open Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptxOpen Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptxJisc
 
Scottish Universities Press supporting authors with requirements for open acc...
Scottish Universities Press supporting authors with requirements for open acc...Scottish Universities Press supporting authors with requirements for open acc...
Scottish Universities Press supporting authors with requirements for open acc...Jisc
 
How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...Jisc
 
Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023Jisc
 
Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023Jisc
 
Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023Jisc
 
JISC Presentation.pptx
JISC Presentation.pptxJISC Presentation.pptx
JISC Presentation.pptxJisc
 
Community-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptxCommunity-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptxJisc
 
The Open Access Community Framework (OACF) 2023 (1).pptx
The Open Access Community Framework (OACF) 2023 (1).pptxThe Open Access Community Framework (OACF) 2023 (1).pptx
The Open Access Community Framework (OACF) 2023 (1).pptxJisc
 
Are we onboard yet University of Sussex.pptx
Are we onboard yet University of Sussex.pptxAre we onboard yet University of Sussex.pptx
Are we onboard yet University of Sussex.pptxJisc
 
JiscOAWeek_LAIR_slides_October2023.pptx
JiscOAWeek_LAIR_slides_October2023.pptxJiscOAWeek_LAIR_slides_October2023.pptx
JiscOAWeek_LAIR_slides_October2023.pptxJisc
 
UWP OA Week Presentation (1).pptx
UWP OA Week Presentation (1).pptxUWP OA Week Presentation (1).pptx
UWP OA Week Presentation (1).pptxJisc
 
An introduction to Cyber Essentials
An introduction to Cyber EssentialsAn introduction to Cyber Essentials
An introduction to Cyber EssentialsJisc
 
MarkChilds.pptx
MarkChilds.pptxMarkChilds.pptx
MarkChilds.pptxJisc
 
RStrachanOct23.pptx
RStrachanOct23.pptxRStrachanOct23.pptx
RStrachanOct23.pptxJisc
 
ISDX2 Oct 2023 .pptx
ISDX2 Oct 2023 .pptxISDX2 Oct 2023 .pptx
ISDX2 Oct 2023 .pptxJisc
 
FerrellWalker.pptx
FerrellWalker.pptxFerrellWalker.pptx
FerrellWalker.pptxJisc
 

Plus de Jisc (20)

Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...
 
International students’ digital experience: understanding and mitigating the ...
International students’ digital experience: understanding and mitigating the ...International students’ digital experience: understanding and mitigating the ...
International students’ digital experience: understanding and mitigating the ...
 
Digital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptxDigital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptx
 
Open Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptxOpen Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptx
 
Scottish Universities Press supporting authors with requirements for open acc...
Scottish Universities Press supporting authors with requirements for open acc...Scottish Universities Press supporting authors with requirements for open acc...
Scottish Universities Press supporting authors with requirements for open acc...
 
How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...
 
Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023
 
Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023
 
Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023
 
JISC Presentation.pptx
JISC Presentation.pptxJISC Presentation.pptx
JISC Presentation.pptx
 
Community-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptxCommunity-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptx
 
The Open Access Community Framework (OACF) 2023 (1).pptx
The Open Access Community Framework (OACF) 2023 (1).pptxThe Open Access Community Framework (OACF) 2023 (1).pptx
The Open Access Community Framework (OACF) 2023 (1).pptx
 
Are we onboard yet University of Sussex.pptx
Are we onboard yet University of Sussex.pptxAre we onboard yet University of Sussex.pptx
Are we onboard yet University of Sussex.pptx
 
JiscOAWeek_LAIR_slides_October2023.pptx
JiscOAWeek_LAIR_slides_October2023.pptxJiscOAWeek_LAIR_slides_October2023.pptx
JiscOAWeek_LAIR_slides_October2023.pptx
 
UWP OA Week Presentation (1).pptx
UWP OA Week Presentation (1).pptxUWP OA Week Presentation (1).pptx
UWP OA Week Presentation (1).pptx
 
An introduction to Cyber Essentials
An introduction to Cyber EssentialsAn introduction to Cyber Essentials
An introduction to Cyber Essentials
 
MarkChilds.pptx
MarkChilds.pptxMarkChilds.pptx
MarkChilds.pptx
 
RStrachanOct23.pptx
RStrachanOct23.pptxRStrachanOct23.pptx
RStrachanOct23.pptx
 
ISDX2 Oct 2023 .pptx
ISDX2 Oct 2023 .pptxISDX2 Oct 2023 .pptx
ISDX2 Oct 2023 .pptx
 
FerrellWalker.pptx
FerrellWalker.pptxFerrellWalker.pptx
FerrellWalker.pptx
 

Dernier

Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 

Dernier (20)

Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 

Smoothwall and Ampliphae - Networkshop46

  • 2. www.smoothwall.com Managing Prevent Duty through Effective Web Content Management Tom Newton, Product Manager
  • 3. The Prevent duty is the legal obligation of authorities to provide “due regard to the need to prevent people from being drawn into terrorism”. Counter-Terrorism and Security Act, 2015
  • 4. Compliance To comply with the Prevent duty, institutions must: ● assess the risks associated with Prevent in the context of their local situation and draw up a proportionate action plan to mitigate those risks ● have responsive, effective welfare support systems, ensuring concerns about students' wellbeing can be acted on, linking to Prevent structures (such as local authorities or the police) if necessary ● ensure internal mechanisms and external arrangements are in place for sharing information about vulnerable individuals when appropriate ● have systems in place for assessing and mitigating risks around external speakers and events on campus, while maintaining the existing duty to promote freedom of speech ● ensure senior managers are engaged with the Prevent duty, build links with external Prevent partners, and arrange ongoing Prevent training for relevant staff ● implement an IT usage policy which covers the Prevent duty ● ensure that students' unions and societies are aware of, and are consulted on, policies concerning activities on campus.
  • 5. Myths around the Prevent duty Myth 1 - the Prevent duty facilitates spying upon students There is no reliable evidence suggesting that organisations are interested in gathering security-related intelligence let alone engaging in it. The risk of being drawn into terrorism is to be treated as a vulnerability i.e. suicide. Higher Education Funding Council for England, 2017
  • 6. Myths around the Prevent duty Myth 2 - the Prevent duty requires organisations to report students for the expression of radical views Nobody can lawfully be referred to a Prevent panel merely for the expression of radical or unorthodox views, there must be evidence of a risk of harm. Higher Education Funding Council for England, 2017
  • 7. Myths around the Prevent duty Myth 3 - the Prevent duty violates basic human rights The Prevent duty complies with the European Convention on Human rights, incorporated into UK law by the Human Rights Act. Higher Education Funding Council for England, 2017
  • 9. What not to do ● Heavy duty filtering ● Try and do the same as schools ● Keep students from accessing useful resources
  • 10. What to do: Light Touch Filtering & Visibility Smoothwall achieves this in 5 key ways... ● Search term filtering ● Government URL databases ● Content Filtering ● Alerting ● Overview reporting
  • 11. What to do: Search Term Filtering ● Shows intent ● Often better than looking at search results
  • 12. What to do: IWF & Counterterror Lists ● IWF members - block access to Illegal Child Abuse Images and Content (CAIC) ● Integrate the CTIRU (Counter Terrorism Internet Referral Unit) list of unlawful sites, produced on behalf of the Home Office ● First content filter to take CTIRU List
  • 13. Smoothwall’s Categories DiscriminationDrugs/ Substance Abuse Extremism Malware/ Hacking Pornography Piracy and Copyright Theft Self Harm Violence Abortion Alcohol and Tobacco Weapons Computer Games Payday Loans File Hosting Child Abuse Intolerance Hacking Gambling Alcohol and Tobacco Medical Information Graphic Novels Terrorism
  • 14. What to do: Content Filtering ● Useful on social networks ● Only way to see “logged in traffic” ● Only way to see what’s there in real time
  • 15. What to do: Alerting ● Low positive false rate ● Alerts to the correct people ● Act before problems occur
  • 16. What to do: Overview Reporting ● Can be useful to evaluate prevalence of search queries and inappropriate accesses ● A good balance with alerting is essential
  • 17. Prerequisites ● Authentication - no filter is useful if you can’t identify users
  • 18. Prerequisites ● Authentication - no filter is useful if you can’t identify users ● Coverage of BYOD - should be considered in any rollout
  • 19. Prerequisites ● Authentication - no filter is useful if you can’t identify users ● Coverage of BYOD - should be considered in any rollout ● Responsibility - reports & alerts need action
  • 21. The hidden risks of SaaS and cloud applications and how to take back control Nigel Oakley, Ampliphae
  • 22. Take Control of Your Cloud Nigel Oakley Business Development Director
  • 23. Application Ecosystem • Application ecosystems are growing in size, scope and complexity…
  • 24.
  • 25. Shifting Landscape Lift and shift Rearchitect Innovation ‘Vendors are shifting their business models from on-premises licensed software to public cloud-based offerings, this trend will continue.’ - Gartner Applications that are lifted and shifted to the cloud can't take full advantage of native cloud features - may not be cost-effective.SaaSification
  • 26. The SaaS Challenge  Loss of Authority  SaaS providers market direct to consumers  Self selection – Consumerisation of IT  Decentralised decision making  Loss of Control  Vendors define the architecture and deployment  All that’s required is a browser and connectivity!  Your data is managed by the vendor  But IT retain Accountability  Risk of security and regulatory infringement  Fewer control points, reduced visibility  Total dependence on many more vendors
  • 27. GDPR and Compliance Risks Privacy Rectification Erasure Access Is the data adequately secured and encrypted in transit and at rest? Who can access the data, who stores the data, can the cloud provider access it? Is it easy to change customer data on request, do you know where it is located? Can a customer’s data be completely deleted under your control? Compliance Can you prove that the SaaS applications your employees have signed up to provide appropriate GDPR regulatory compliance ?
  • 28. Cloud Adoption Lifecycle: Managed Adoption Discovery: Evaluated by IT department as they test configurations, deployment, support processes Understanding: Pilot with selected users who put the solution through it’s paces Adoption: Controlled roll-out to departments and teams Planned Commitment: In use across the organisation Discovery Rejection Withdrawn Uncontrolled Adoption Understanding Retirement Unplanned Commitment Adoption Lingering Planned Commitment Niche Planned Decline Conscious UncouplingCriticality Threshold Irreversibility Threshold Discovery Threshold Institutional
  • 29. Cloud Adoption Lifecycle: Viral Adoption Discovery: Adopted by a single user, who immediately invites their colleagues to join Uncontrolled Adoption: Makes the team’s life easier, they enthusiastically adopt it Unplanned Commitment: Integral to the business, it’s impossible to imagine life without it Institutional Discovery Rejection Withdrawn Uncontrolled Adoption Understanding Retirement Unplanned Commitment Adoption Lingering Planned Commitment Niche Planned Decline Conscious UncouplingCriticality Threshold Irreversibility Threshold Discovery Threshold Institutional
  • 31. Identify all the Cloud Applications in use within your organisation. Understand who uses each application, when, where and why. Discovery Highlight security, regulatory and commercial considerations for each Cloud Application, and make an appropriate decision. Governance Block or optimise access to individual Cloud Applications. Give your people the information they need to make informed decisions. Control Continuously monitor for new Cloud Applications, and audit cost and risk. Cost and compliance reporting Audit Analyse Discover which applications your people are using Know where your data is stored Understand how secure it is and who can access it Govern and manage the vendors Control applications and activities in the Cloud Manage your risks and exposures Deep insights into the usage and adoption of cloud applications. Predict application growth, identify security threats and anomalies Ampliphae Overview
  • 33. Email: Nigel.Oakley@ampliphae.com Tel: +44 (0)20 3289 0121 Thank you Have you any questions? Nigel Oakley Business Development Director